fix(workflows): Finish password confirmation

Signed-off-by: Joas Schilling <coding@schilljs.com>
2026-05-19 08:25:56 -04:00 · 2023-11-02 12:22:42 +01:00 · 2023-11-02 12:22:42 +01:00 · 7541bfaa6c
commit 7541bfaa6c
parent 41c6d6a266
3 changed files with 9 additions and 4 deletions
--- a/apps/workflowengine/lib/Controller/AWorkflowController.php
+++ b/apps/workflowengine/lib/Controller/AWorkflowController.php
@ -99,6 +99,7 @@ abstract class AWorkflowController extends OCSController {
 	}

 	/**
+	 * @PasswordConfirmationRequired
 	 * @throws OCSBadRequestException
 	 * @throws OCSForbiddenException
 	 * @throws OCSException
@ -127,6 +128,7 @@ abstract class AWorkflowController extends OCSController {
 	}

 	/**
+	 * @PasswordConfirmationRequired
 	 * @throws OCSBadRequestException
 	 * @throws OCSForbiddenException
 	 * @throws OCSException
@ -155,6 +157,7 @@ abstract class AWorkflowController extends OCSController {
 	}

 	/**
+	 * @PasswordConfirmationRequired
 	 * @throws OCSBadRequestException
 	 * @throws OCSForbiddenException
 	 * @throws OCSException
--- a/apps/workflowengine/lib/Controller/UserWorkflowsController.php
+++ b/apps/workflowengine/lib/Controller/UserWorkflowsController.php
@ -81,6 +81,7 @@ class UserWorkflowsController extends AWorkflowController {

 	/**
 	 * @NoAdminRequired
+	 * @PasswordConfirmationRequired
 	 * @throws OCSBadRequestException
 	 * @throws OCSForbiddenException
 	 */
@ -90,6 +91,7 @@ class UserWorkflowsController extends AWorkflowController {

 	/**
 	 * @NoAdminRequired
+	 * @PasswordConfirmationRequired
 	 * @throws OCSBadRequestException
 	 * @throws OCSForbiddenException
 	 */
@ -99,6 +101,7 @@ class UserWorkflowsController extends AWorkflowController {

 	/**
 	 * @NoAdminRequired
+	 * @PasswordConfirmationRequired
 	 * @throws OCSForbiddenException
 	 */
 	public function destroy(int $id): DataResponse {
--- a/apps/workflowengine/src/store.js
+++ b/apps/workflowengine/src/store.js
@ -89,7 +89,8 @@ const store = new Store({
 				context.commit('addRule', rule)
 			})
 		},
-		createNewRule(context, rule) {
+		async createNewRule(context, rule) {
+			await confirmPassword()
 			let entity = null
 			let events = []
 			if (rule.isComplex === false && rule.fixedEntity === '') {
@ -120,9 +121,7 @@ const store = new Store({
 			context.commit('removeRule', rule)
 		},
 		async pushUpdateRule(context, rule) {
-			if (context.state.scope === 0) {
-				await confirmPassword()
-			}
+			await confirmPassword()
 			let result
 			if (rule.id < 0) {
 				result = await axios.post(getApiUrl(''), rule)